Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
Google has released Chrome 81.0.4044.113 for Windows, Mac and Linux, as well as a new version of Chrome for Android.
Cisco has released security patches for Cisco IP Phones Web Application, UCS Director and other products. Five of the vulnerabilities are rated Critical severity and another seven are rated High severity.
Adobe has released security updates for ColdFusion, After Effects and Digital Editions products.
Intel has released security updates to fix vulnerabilities in Intel PROSet/Wireless WiFi, Driver and Support Assistant, and other software products.
Microsoft released the April 2020 Security Updates that includes 113 unique vulnerability fixes, 18 of those rated critical. The updates also include patches for two Adobe Font Manager zero day vulnerabilities disclosed in March.
Oracle has released its Critical Patch Update for April 2020 to include 297 vulnerability fixes across multiple products. The company also continues to receive reports of remote attackers attempting to maliciously exploit unpatched vulnerabilities.
Visa is urging merchants to upgrade Magento 1 ecommerce websites to 2.x before the end of June 2020, the date when Magento ends support.
Google has released Chrome 81 (81.0.4044.92) for Windows, Mac and Linux. The latest update includes security patches, along with new features for auto-upgrading of mixed image content and support for Web NFC standard.
The Mozilla Foundation has released Firefox 75 with multiple new features that can help you 'search smarter and faster'. In addition, the latest update also addresses six security vulnerabilities.